proactive vs. reactive

don’t wait for a patch

We inform our client of critical threats years before the public(and attackers) catch wind of the vulnerability.

8race begins

7industry & attackers prioritize

6PUBLIC informed

5distribute to clients

4document

3exploit

2analyze

1discover

others

Exodus

01Discover

The Exodus team discovers a zero-day vulnerability in the lab.

02Analyze

The vulnerability is analyzed to determine whether or not it is critical enough to warrant notifying Exodus’ customers.

03Exploit

The team employs exclusive in-house techniques to create a working exploit tool for the vulnerability.

04Document

A thorough report is created that documents every relevant aspect of the threat.

05Distributed

The report and accompanying materials are securely distributed to clients via the Exodus web portal.

UP TO 2 years later

the zero-day becomes known

06Publicized

The vulnerability details are made public due to the release of a vendor patch or the detection of an in-the-wild attack abusing the zero-day flaw.

07Prioritized

Those responsible for implementing defensive measures must prioritize how to address the multiple vulnerabilities that are frequently patched in one release. Attackers also prioritize which flaws are ideal for exploitation.

08Race Begins

Both malicious actors and those working to defend begin racing to develop and deploy a working solution. The problem is only one of these groups is constrained by a traditional work schedule.

Contact us for an overview of our capabilities and examplesof how they have been utilized by our clients.